VMScape and why Xen dodged it


ETH Zürich’s new VMScape attack hit KVM and VMware, but Xen’s microkernel-like design kept it out of reach.

VMScape is a neat piece of work, and it shows once again how CPUs, with all their clever tricks for performance, can sometimes open the door to data leaks across virtual machines. Xen’s core stays minimal, with a narrow set of responsibilities, and anything that doesn’t absolutely need to run at the highest privilege level gets pushed out. As the ETH Zürich team points out, mitigations for KVM involve adding new predictor flushes, which Linux developers have already started to implement.
